Category Archives: Code

Code of course.

Nested VPN Connections Using Docker, OpenVPN, and WireGuard Container

Recently, I ran into a scenario where I wanted to verify if geo-blocking on a specific UDP port was actually working. The UDP port is set up to only allow connections from the United States. The service running is WireGuard.

The following tools will be needed to perform this:

  • Some sort of Linux distro (I used Kali Linux on a bare metal system; you might be able to do it using a virtual machine).
  • OpenVPN client and config file
  • OpenVPN server located outside of the United States
  • Docker installed and working properly
  • A firewall that supports geo-blocking with appropriate rules set up
  • WireGuard service behind the mentioned firewall
  • WireGuard client config

The WireGuard container I used for testing is the following: https://github.com/jordanpotter/docker-wireguard

  1. First, connect to the OpenVPN server that is outside of the United States. Make sure this VPN connection is a full tunnel, so that all of the host's traffic, including traffic from Docker containers, leaves through it:

     openvpn --config Outside.ovpn

  2. Verify your connection; the public IP returned should belong to the outside-US exit:

     curl ifconfig.me

  3. Run the following command to attempt to connect to the WireGuard service from outside of the United States:

     docker run --name wireguard --cap-add NET_ADMIN --cap-add SYS_MODULE --sysctl net.ipv4.conf.all.src_valid_mark=1 -v /root/OutsideCountry.conf:/etc/wireguard/wg0.conf jordanpotter/wireguard

  4. Next, spin up a container that uses the Docker container named 'wireguard' for its networking:

     docker run --rm --net=container:wireguard -ti alpine /bin/ash

  5. Inside this container you can check whether you have network connectivity to the geo-blocked WireGuard service. In my case this proved that geo-blocking was working.

  6. To verify that nested VPN connections even work in this scenario, I have an OpenVPN server that is located in the United States. Once I connected to this server, the container was able to connect to the geo-blocked WireGuard service.
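The steps above, automated as one script. This is an added example and not code from the original post; the config paths and container name are placeholders, and it assumes that wg (wireguard-tools) is present inside the jordanpotter/wireguard image so the handshake table can be read with docker exec. Instead of eyeballing connectivity from an alpine shell, it decides the outcome from whether a WireGuard handshake completed, which is the only signal you get: WireGuard is silent to peers it does not accept, and a firewall drop looks exactly the same from the client side.

```shell
#!/bin/sh
# Added example (not from the original post): automate the nested-VPN
# geo-block check. Paths and the container name are placeholders; `wg` is
# assumed to exist inside the jordanpotter/wireguard image.

OVPN_OUTSIDE="${OVPN_OUTSIDE:-/root/Outside.ovpn}"   # full-tunnel config with a non-US exit
WG_CONF="${WG_CONF:-/root/OutsideCountry.conf}"      # WireGuard client config for the geo-blocked service
WG_CONTAINER="${WG_CONTAINER:-wireguard}"

# Public IP as seen from the internet; the same check as `curl ifconfig.me`.
exit_ip() {
    curl -s --max-time 10 ifconfig.me
}

# Decide whether any peer completed a handshake. Takes the output of
# `wg show wg0 latest-handshakes` (one "<peer-pubkey><TAB><unix-epoch>" line
# per peer, epoch 0 = never) and returns 0 if at least one peer handshaked.
wg_handshaked() {
    printf '%s\n' "$1" | awk 'NF >= 2 && $2 > 0 { found = 1 } END { exit !found }'
}

run_check() {
    echo "[*] bringing up the outside-US OpenVPN tunnel"
    openvpn --config "$OVPN_OUTSIDE" --daemon
    sleep 10
    echo "[*] exit IP is now: $(exit_ip)"

    echo "[*] starting the WireGuard container"
    docker rm -f "$WG_CONTAINER" >/dev/null 2>&1 || true
    docker run -d --name "$WG_CONTAINER" --cap-add NET_ADMIN --cap-add SYS_MODULE \
        --sysctl net.ipv4.conf.all.src_valid_mark=1 \
        -v "$WG_CONF":/etc/wireguard/wg0.conf jordanpotter/wireguard >/dev/null
    sleep 10   # give wg-quick time to come up and attempt a handshake

    handshakes="$(docker exec "$WG_CONTAINER" wg show wg0 latest-handshakes)"
    if wg_handshaked "$handshakes"; then
        echo "[!] handshake completed: the geo-block did NOT stop traffic from $(exit_ip)"
        return 1
    fi
    echo "[+] no handshake: the geo-block is holding against $(exit_ip)"
    return 0
}

# Guarded so the helpers can be sourced (and tested) without starting VPNs.
if [ "${RUN_NESTED_VPN_CHECK:-0}" = 1 ]; then
    run_check
fi
```

Run it with RUN_NESTED_VPN_CHECK=1 while the outside-US OpenVPN config is in place and expect "no handshake"; then point OVPN_OUTSIDE at the US server's config from step 6 and run it again, where a handshake confirms that the nested path works and that the block is really keyed on the exit country.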

AV evasion fun with ChatGPT

I’ve used ChatGPT for work on some SQL queries that I had trouble with and, granted, it worked.

I have zero idea if this will compile or work. I’m sharing the idea, which I’m sure is not original:

code:

#include <stdio.h>
#include <stdlib.h>

/* Sets up registers for an int 0x80 system call (the 32-bit Linux ABI) without
 * loading the final values as immediates: eax and edx are set to 0xff and then
 * incremented, ebx and ecx are zeroed with xor. As written this gives
 * eax = 0x100 (256), which is epoll_wait in the i386 syscall table, not exit.
 * Build 32-bit (gcc -m32) or rely on the kernel's IA32 emulation. */
void execute_shellcode(void)
{
    __asm__ volatile (
        "mov $0xff, %%eax\n\t"
        "inc %%eax\n\t"
        "xor %%ebx, %%ebx\n\t"
        "mov $0xff, %%edx\n\t"
        "inc %%edx\n\t"
        "xor %%ecx, %%ecx\n\t"
        "int $0x80"
        : /* no outputs */
        : /* no inputs */
        : "eax", "ebx", "ecx", "edx", "memory"); /* clobbers, so the compiler keeps nothing live in these registers */
}

int main(void)
{
    /* Call through a function pointer, as in the original. */
    void (*function_ptr)(void) = &execute_shellcode;
    function_ptr();
    return 0;
}

Portable virtual lab that fits in your pocket

[Image: Samsung BAR Plus 256GB USB 3.1 flash drive, Titan Gray, model MUF-256BE4/AM]

Storage continues to get cheaper and cheaper. Above is a picture of a Samsung BAR Plus flash drive; I was able to find a used 256GB one on eBay for about $30.

My goal was to have a persistent, portable Linux distro on a larger capacity flash drive which I can use to run virtual machines and containers. While I’m not opposed to *BSD derivatives, and even took some time to test out NomadBSD, I wanted an operating system that is more flexible and has broader hardware support. I decided to go with Linux Mint XFCE. The flash drive works in legacy BIOS systems and UEFI systems (provided Secure Boot is disabled). To make the persistent Linux USB drive, I used this guide: https://www.howtogeek.com/howto/14912/create-a-persistent-bootable-ubuntu-usb-flash-drive/ .

A majority of computers from the past 20 years support hardware virtualization. Granted, there are some rare systems that don’t (you can still install VirtualBox and run 32-bit guest operating systems on those). My love of and interest in type 1 hypervisors has led me to experiment with hypervisors from different vendors. Linux KVM, which has been around for 13 years, has become reliable and stable enough for production environments. To get Linux KVM up and running on my flash drive under Linux Mint, I simply used this tutorial: https://community.linuxmint.com/tutorial/view/1727. Then, to have a nice web-based GUI for working with Linux KVM, I installed Cockpit ( https://www.hiroom2.com/2018/08/02/linuxmint-19-cockpit-en/ ).

The next evolution of virtualization, in my humble opinion, is container-based systems such as Docker. Containers share the host kernel, so they do not give you the isolation of a virtual machine and may not meet strict isolation requirements, but Docker adoption and usage has skyrocketed regardless. One of the most useful uses I have for Docker is when I need a quick, disposable environment for testing software. Need to brush up on MariaDB programming? Awesome, spin up a container. Have a package you need that installs libraries which break other things, or even your package manager? Docker to the rescue. There are some CUI/GUI tools that help with Docker as well if you’re not a big fan of typing commands (check out dockly and https://www.portainer.io/ ; Cockpit can manage containers as well).

Installing Docker on my persistent flash drive was no problem (see this guide: https://linuxhint.com/install_docker_linux_mint/). Getting it up and running on a persistent Linux Mint flash drive was a bit more of a pain, however. You can’t use the default storage driver, overlay2, because the live system’s root is itself a union (overlay) filesystem rather than the plain ext4 or xfs that overlay2 requires as a backing filesystem; you have to use the VFS storage driver instead (see https://docs.docker.com/storage/storagedriver/vfs-driver/ ), which works on any backing filesystem but has no copy-on-write, so images take more space and build more slowly. Once you have done this, you can test Docker by simply doing: docker run hello-world.
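Switching the daemon to VFS and confirming that it actually took effect, as an added example (not the author’s procedure). It assumes a systemd-managed Docker service and the Debian-family path /etc/docker/daemon.json, which fits a Linux Mint install; the apply step is guarded behind an environment variable so the helpers can be sourced without touching a live daemon.

```shell
#!/bin/sh
# Added example (not from the original post): select the VFS storage driver
# and verify it. Assumes systemd and /etc/docker/daemon.json (Debian family).

# Write a daemon.json that selects the VFS driver. Refuses to clobber an
# existing file that carries other settings but no storage-driver key, since
# merging JSON reliably in sh is not worth the risk.
write_vfs_daemon_json() {
    target="$1"
    if [ -s "$target" ] && ! grep -q '"storage-driver"' "$target"; then
        echo "refusing to overwrite $target: add \"storage-driver\": \"vfs\" by hand" >&2
        return 1
    fi
    printf '{\n  "storage-driver": "vfs"\n}\n' > "$target"
}

# Given the output of `docker info --format '{{.Driver}}'`, report whether the
# running daemon really uses vfs. Kept separate from the docker call so it can
# be exercised without a daemon.
driver_is_vfs() {
    [ "$(printf '%s' "$1" | tr -d '[:space:]')" = "vfs" ]
}

apply_and_verify() {
    write_vfs_daemon_json /etc/docker/daemon.json || return 1
    systemctl restart docker
    driver="$(docker info --format '{{.Driver}}')"
    if driver_is_vfs "$driver"; then
        echo "storage driver: vfs (no copy-on-write; expect slower, larger image layers)"
        return 0
    fi
    echo "storage driver is still '$driver'; check 'journalctl -u docker' for why" >&2
    return 1
}

# Guarded so sourcing this file (e.g. for tests) does not restart Docker.
if [ "${APPLY_VFS_DRIVER:-0}" = 1 ]; then
    apply_and_verify
fi
```

Two things to know before running it: images are stored per storage driver, so anything pulled under overlay2 disappears from docker images once the daemon comes back up on vfs, and vfs keeps a full copy of every layer, which on a flash drive means keeping an eye on free space.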

I also wanted secure remote access to the system running my persistent flash drive. I stumbled upon Tailscale and fell in love. Once you have Tailscale up and running, you’ll have a tailscale0 interface, and you can SSH into your persistent flash drive from anywhere on the internet as long as the client system also has Tailscale configured. Tailscale can traverse NAT!

This persistent flash drive that I have is not without its issues. I have not been able to upgrade the kernel or upgrade to a new version of Linux Mint. Additionally, the mint user password does not persist after reboot (though the root password persists). To access ssh on my flash drive I had to enable root login for ssh, which I know is not ideal or very secure. Caveats aside, this has been a fun learning experience that I would recommend to any other computer enthusiast.

command-not-found.com script

I’m a big fan of command-not-found.com and decided to write a simple script that can be used from the command line:

command:

cnf whois 

results:

Command-not-found.com results:

Install

All systems
curl cmd.cat/whois.sh

Debian
apt-get install whois

Ubuntu
apt-get install whois

Alpine
apk add whois

Arch Linux
pacman -S whois

Kali Linux
apt-get install whois

CentOS
yum install whois

Fedora
dnf install whois

OS X
brew install whois

Raspbian
apt-get install whois

Docker
docker run cmd.cat/whois whois

The script is available here:

http://zitstif.com/cnf.txt

It’s a quick and dirty script but it gets the job done.
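A small command-not-found.com client of the same shape, written here as an added example; it is not the author’s cnf.txt. It makes no assumption about the site’s HTML layout: it strips tags and keeps only lines that look like the package-manager install commands shown in the results above, then puts the line for the local distro (read from /etc/os-release) first. The command-name check matters because the argument ends up in a URL and a shell pipeline.

```shell
#!/bin/sh
# Added example (not the author's cnf.txt): a command-not-found.com lookup
# that extracts install commands from the fetched page and highlights the one
# for this machine. Only the literal install verbs seen on the site are matched.

# Accept only sane command names so the argument cannot smuggle shell or URL
# metacharacters into the curl call.
valid_cmd_name() {
    printf '%s' "$1" | grep -Eq '^[A-Za-z0-9._+-]{1,64}$'
}

# Map the ID= line of /etc/os-release (passed as text) to the package-manager
# verb command-not-found.com prints for that family; empty if unknown.
pkg_verb_for_os_release() {
    id="$(printf '%s\n' "$1" | sed -n 's/^ID=//p' | tr -d '"')"
    case "$id" in
        debian|ubuntu|kali|raspbian|linuxmint) echo "apt-get install" ;;
        alpine)                                 echo "apk add" ;;
        arch)                                   echo "pacman -S" ;;
        fedora)                                 echo "dnf install" ;;
        centos|rhel)                            echo "yum install" ;;
        *)                                      echo "" ;;
    esac
}

# Reduce fetched HTML to the install commands it contains, one per line.
extract_install_lines() {
    printf '%s\n' "$1" \
        | sed 's/<[^>]*>/ /g' \
        | grep -Eo '(apt-get install|apk add|pacman -S|dnf install|yum install|brew install) [A-Za-z0-9._+-]+' \
        | sort -u
}

cnf() {
    cmd="$1"
    valid_cmd_name "$cmd" || { echo "usage: cnf <command-name>" >&2; return 2; }
    html="$(curl -fsSL "https://command-not-found.com/$cmd")" || return 1
    verb="$(pkg_verb_for_os_release "$(cat /etc/os-release 2>/dev/null)")"
    lines="$(extract_install_lines "$html")"
    # The line matching this system first, then everything the site lists.
    if [ -n "$verb" ]; then
        printf '%s\n' "$lines" | grep -F "$verb" | sed 's/^/[this system] /'
    fi
    printf '%s\n' "$lines"
}

# Run only when given an argument so the helpers can be sourced for testing.
if [ "$#" -ge 1 ]; then
    cnf "$1"
fi
```

One caveat the site’s "All systems" entry invites: cmd.cat/whois.sh is a remote script intended to be piped into a shell, fetched over plain HTTP in the listing above. Read it first and prefer the distro’s own package command when one is shown.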

On-premise Exchange 2010 headaches

If you’ve worked in IT and have inherited other people’s systems and networks to manage, you can definitely relate to having to work with situations that are less than ideal. Best practices can’t always be followed, for various reasons (one main reason seems to be money). I am currently working with a client whose on-premise servers are all bare metal and under-specced. We are in the process of gathering information on their current setup and plan to decommission and consolidate the on-premise servers and move them to Office 365 instead.

I hope this post helps someone, because I was having next to no luck accessing the Exchange Management Shell. Oddly, the GUI tool worked fine, but I wanted to run PowerShell scripts to generate reports on the current configuration of the said Exchange server. Clicking on the Exchange Management Shell icon would result in:

I went through all the troubleshooting steps suggested in the error output and everything appeared to check out fine. I then tried using a standard PowerShell prompt to authenticate to the local Exchange PowerShell endpoint, and started getting errors like:

[ExchServer] Connecting to remote server failed with the following error message : The WinRM client received an HTTP status code of 403 from the remote WS-Management service. For more information, see the about_Remote_Troubleshooting Help topic.
    + CategoryInfo          : OpenError: (System.Manageme….RemoteRunspace:RemoteRunspace) [], PSRemotingTransportException
    + FullyQualifiedErrorId : PSSessionOpenFailed

I found it curious that I was starting to get different error messages and felt like I was starting to get closer to being able to authenticate. What ended up working for me was to issue this command:

$session = new-pssession -configurationName Microsoft.Exchange -connectionuri http://change.me.local/PowerShell/ -Authentication Kerberos -credential $credential 

You are then prompted with a GUI logon dialog. Make sure to use Domain\UserName in the username field, then the proper password. Lo and behold, no errors were given and it looks like I was authenticated! To load the Exchange cmdlets, issue this command (note that this loads the Exchange 2010 snap-in locally on the server rather than importing the cmdlets from the remote session with Import-PSSession, which is the remoting-based route):

Add-PSSnapin Microsoft.Exchange.Management.PowerShell.E2010;

Again, I really hope this helps save someone a headache and time. As for the root of what’s causing the powershell management shell for Exchange icon shortcut to fail, I’m not clear. So at this point this is just a workaround.